| Bug ID | 1083911 |
|---|---|
| Summary | VUL-0: CVE-2017-7651: mosquitto: Unauthenticated clients can send a crafted CONNECT packet which causes large amounts of memory use in the broker |
| Classification | openSUSE |
| Product | openSUSE Distribution |
| Version | Leap 15.0 |
| Hardware | Other |
| URL | https://smash.suse.de/issue/201129/ |
| OS | Other |
| Status | NEW |
| Severity | Normal |
| Priority | P5 - None |
| Component | Security |
| Assignee | mrueckert@suse.com |
| Reporter | kbabioch@suse.com |
| QA Contact | security-team@suse.de |
| Found By | Security Response Team |
| Blocker | --- |
CVE-2017-7651 A vulnerability exists in all Mosquitto versions up to and including 1.4.14 known as CVE-2017-7651. Unauthenticated clients can send a crafted CONNECT packet which causes large amounts of memory use in the broker. If multiple clients do this, an out of memory situation can occur and the system may become unresponsive or the broker will be killed by the operating system. The issue is fixed in Mosquitto 1.4.15. Patches for older versions are available at https://mosquitto.org/files/cve/2017-7651 The fix addresses the problem by limiting the permissible size for CONNECT packet, and by adding a memory_limit configuration option that allows the broker to self limit the amount of memory it uses. Thanks to Felipe Balabanian for finding this vulnerability and responsibly reporting it. References: http://mosquitto.org/blog/2018/02/security-advisory-cve-2017-7651-cve-2017-7652/ http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7651 http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7651.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7651